The adoption of cloud technologies and an increase in user mobility are driving fundamental changes to IT infrastructure. These changes are resulting in a seamless work environment for end-users and increased productivity across every facet of enterprise organizations.
Meanwhile, the components needed to secure and connect the modern business have never been more disconnected. This has been driven by two factors: the organizations that must support legacy infrastructure in tandem with its newer tools; and the vendors who have chosen to focus on building either networking OR security products (but rarely both). These vendors have forced hybrid architected organizations to assemble a variety of solutions to meet their needs.
On the networking side, expensive proprietary boxes reside inside of data centers requiring manual configuration and updates, while entirely different vendors/solutions are needed to connect to cloud environments. End-users are given VPN clients that increase latency, but whose security is useless when connecting to SaaS applications. A mix of telcos, hardware, software and services are cobbled together resulting in massive complexity, expense and teams to manage the entire system.
From a security perspective, appliances run in data centers that centralize and bottleneck the organization’s security. In the field, end-users complain about lag due to endpoint security consuming all available resources while attempting to do something as simple as a web search. When cloud components are introduced, an entirely different set of tools must be adopted and managed.
It is common for modern organizations to have 15 or more security solutions in place. The resulting service chaining required to protect everything introduces latency and potential security gaps.
These challenges have caused us to rethink the way that networking and security are delivered and has given rise to what Gartner calls, SASE.
Secure access service edge (SASE) combines the components of SD-WAN, zero trust remote user access with cloud-delivered security. The integration of these technologies allows for security solutions to be delivered from any location and managed from the cloud, with seamless integration between the required networking and security functions.
Fundamentally, any major transformation of the network requires a complimentary change to security. SASE converges these initiatives into a single, all-encompassing approach to eliminate many of the challenges related to managing today’s distributed environments.
Similar to the way that NGFWs sought to simplify the lives of admins and users by condensing many security features into a singular package, SASE is simplifying infrastructure by bringing networking and security into the same platform.
Let’s explore the way SASE makes this happen:
- Single pane of glass management – SASE brings advanced networking and security into the same tent. SASE allows for best-of-breed security solutions such as SWG, DLP and CASB to be seamlessly integrated with SD-WAN networking functions. This allows for security and network management to become a one-stop-shop, greatly simplifying everything from deployment to support.
- Automation – With a SASE architecture, networking and security become tightly integrated. This has a number of advantages including the ability for security events to automatically trigger network responses. If security inspection detects a threat, the connectivity for that user or device can automatically be turned off. And through the networking and computing functions at the network edge, security patches and updates can be pushed to any number edge points-of-presence (POPs) through the integrated network. This entanglement of features allows for networking and security to operate as a cohesive unit that can be orchestrated similar to a public cloud infrastructure.
- Reduced latency – The challenges of service chaining and its resulting latency is one that many security professionals struggle with and end-users ultimately have to live with. Through its platform-based approach, SASE architectures utilize integrated networking capabilities to give security elements the freedom to reside where it makes the most sense. Some traffic inspection can happen at the edge, while more intensive sandboxing and analysis can be dynamically routed to a central location. By providing the ability for security intelligence and workloads to be distributed, networking and workload bottlenecks can be reduced. No longer is traffic forced to be centralized. Multiple services can be run in a coordinated fashion with workload optimization occurring at all levels from layer 3 through 7.
- Minimize security gaps – One of the biggest problems with legacy security has been the perimeter-based approach that most solutions were built around. Data centers were the fortresses that security technologies were built to protect. Once a user tunneled into the secure perimeter, horizontal access was far less scrutinized and often led to undetected breaches. Additionally, with the introduction of the cloud and SaaS, traffic no longer needed to flow through these centralized locations. CASBs and web gateways attempted to solve this problem but created additional management and user overhead. SASE creates a software-defined perimeter based on users’ identity and brings all access and security into a unified solution that operates across any application, system or user… regardless of its location. This singular approach eliminates gaps in coverage and policies, as well as provides a single source for all security logs.
- Faster remediation – Mean time to resolution (MTTR) is a metric that many security and internal IT teams use to measure their response time to security incidents. As the scale of staff, vendors and services increases, the time to resolve incidents goes up. Sifting through multiple potential points of failure can reduce response time and ultimately increase the cost of an incident to the business. SASE’s integrated approach allows the root causes to be quickly triaged and remediated through a single cloud portal.
SASE allows best-of-breed security and networking to be natively intertwined, delivered and managed as a single solution. As a concept, its ascent in the world of networking and security solutions has been building for years, but due to a confluence of societal and technology trends, is experiencing an inflection point at the moment. The next 5-10 years will see SASE continue its march to wide-scale enterprise adoption.
As the cloud and increased user mobility force two of IT’s biggest industries into a turf war, expect the simplicity of security and networking to be the biggest winner.